Lucene search

K
cve[email protected]CVE-2012-0340
HistoryFeb 13, 2012 - 10:55 p.m.

CVE-2012-0340

2012-02-1322:55:01
CWE-79
web.nvd.nist.gov
22
cve-2012-0340
cross-site scripting
xss
cisco
ironport
encryption appliance
bug id 72410
nvd

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.5%

Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410.

Affected configurations

NVD
Node
ciscoironport_encryption_applianceRange6.5.2.2
OR
ciscoironport_encryption_applianceMatch4.2.1-22.2.i386
OR
ciscoironport_encryption_applianceMatch4.2.1-22.i386
OR
ciscoironport_encryption_applianceMatch5.2
OR
ciscoironport_encryption_applianceMatch6.2
OR
ciscoironport_encryption_applianceMatch6.2.4
OR
ciscoironport_encryption_applianceMatch6.2.4.1
OR
ciscoironport_encryption_applianceMatch6.2.5
OR
ciscoironport_encryption_applianceMatch6.2.6
OR
ciscoironport_encryption_applianceMatch6.2.7
OR
ciscoironport_encryption_applianceMatch6.2.7.1
OR
ciscoironport_encryption_applianceMatch6.2.7.2
OR
ciscoironport_encryption_applianceMatch6.2.7.3
OR
ciscoironport_encryption_applianceMatch6.2.7.4
OR
ciscoironport_encryption_applianceMatch6.2.7.5
OR
ciscoironport_encryption_applianceMatch6.2.7.6
OR
ciscoironport_encryption_applianceMatch6.2.7.7
OR
ciscoironport_encryption_applianceMatch6.2.9
OR
ciscoironport_encryption_applianceMatch6.3
OR
ciscoironport_encryption_applianceMatch6.3.0.1
OR
ciscoironport_encryption_applianceMatch6.3.0.2
OR
ciscoironport_encryption_applianceMatch6.3.0.3
OR
ciscoironport_encryption_applianceMatch6.3.0.4
OR
ciscoironport_encryption_applianceMatch6.5
OR
ciscoironport_encryption_applianceMatch6.5.0.1
OR
ciscoironport_encryption_applianceMatch6.5.0.3
OR
ciscoironport_encryption_applianceMatch6.5.2
OR
ciscoironport_encryption_applianceMatch6.5.2.1

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.5%

Related for CVE-2012-0340